2021 Press Releases

January 20, 2021

Software and Cloud-First Strategies Prove to be Effective in Combat Against Cybersecurity Challenges for APAC Organisations

Thirty-six per cent of Asia Pacific (APJC) organisations reported successfully navigating current cybersecurity challenges in today’s remote-first world with software and cloud-first strategies. Organisations that regularly update their technology were the most likely to report successful security programs according to Cisco’s 2021 Security Outcomes Study for APJC.
The global study, which is based on a double-blind, independently analysed survey, includes 2,110 cybersecurity, IT and privacy professionals across 13 markets in APJC. The results offer specific actions that cybersecurity professionals can take for greater success and help businesses decide where to focus their security efforts this year.
On average APJC organisations with a proactive, tech refresh strategy are 15% more likely to report overall security success – the highest of any practice. This is most significant in China, where organisations doing this are 31% more likely to report successful security programs, followed by Thailand (30%), Australia (23%) and Japan (20%).
However, not all organisations have the budget or expertise to make this happen, also known as the “Security Bottom Line”. A strategy to migrate to cloud and SaaS security solutions can help close this gap.
The study further finds that APJC cybersecurity programs struggle the most with obtaining peer buy-in, with one-third (33%) of organisations reporting successfully achieving it. This is followed by minimising unplanned work (34% success); retaining security talent (36% success); managing top risks (37% success), and avoiding major incidents and creating security culture (both 38% success).
Other key findings in APJC from the report include:

  • A well-integrated technology stack is the second most important factor for cybersecurity success.  It has a positive impact on nearly every outcome evaluated, increasing the probability of overall success by an average of 7%. Interestingly, integrations also benefit the recruitment and retention of talent, as security teams want to work with the best technology and avoid burnout.

  • Integration is also the most significant factor in establishing a security culture that the entire organisation embraces. Instead of traditional security training programs, which do not correlate with a positive culture, investment in flexible and frictionless technology is shown to have a greater impact on overall security.

  • As a standalone practice, IT and security “working together” appears to correlate the least with overall success. This seems surprising but may point to security being a part of many CIO’s IT organisations, implying cooperation is built-in and does not need extra management or measurement. It’s also possible that organisations view large IT projects such as Zero Trust or SASE/SD-WAN implementations as security-led and owned. In most cases, these efforts are cross-domain with IT and security collaboration essential.

“Cybersecurity professionals face mounting pressure to make fast, informed decisions to secure and support the rapidly accelerated ‘work from anywhere’ model while battling a cyber threat landscape that is constantly adapting to exploit cracks in the system,” said Kerry Singleton, Managing Director, Cybersecurity, APJC, for Cisco.
“Realising that most companies do not always have the resources to invest across improving practices or culture, hiring more professionals or adopting additional technology, this study offers a guide that helps to map key security decisions to the most impactful outcomes,” he added.
The APJC markets included in Cisco’s 2021 Security Outcomes Study are Australia, China, Hong Kong, India, Indonesia, Japan, Malaysia, Philippines, Singapore, South Korea, Taiwan, Thailand, and Vietnam.